If you have a hacked website then trying to find vulnerabilities in the plugins you use is not the way to determine how the website has been backed, instead the evidence from the hack and the relevant logging should be scrutinized. Our hack cleanup service for WordPress websites includes doing that, as well as a lifetime subscription to this service.

One of the ways we help to improve the security of WordPress plugins, not just for our customers, but for everyone using them, is the proactive monitoring of changes made to plugins in the Plugin Directory to try to catch serious vulnerabilities before they are exploited. That sometimes leads to us catching a vulnerability of a more limited variant of one of those serious vulnerability types, which isn’t as much concern for the average website, but could be utilized in a targeted attack. That happened with the authenticated PHP object injection vulnerability we found in a brand new plugin, Woocommerce Aliexpress Dropshipping Lite. This vulnerability could allow an attacker that had access to a WordPress account to exploit a PHP object injection vulnerability. It also could have allowed an attacker that could get a user logged in to WordPress to visit a URL the attacker controls, to exploit the vulnerability as well.